BitSight

Last updated
BitSight Technologies, Inc.
Company type Private
Industry
Founded2011;13 years ago (2011) [1]
Founders
  • Nagarjuna Venna
  • Stephen Boyer
Headquarters 111 Huntington Avenue
Boston, Massachusetts, United States [2]
Key people
Website bitsight.com

BitSight Technologies, Inc. is a cybersecurity ratings company that analyzes companies, government agencies, and educational institutions. [4] [5] It is based in Back Bay, Boston. [1] [2] Security ratings that are delivered by BitSight are used by banks and insurance companies among other organizations. [6] The company rates more than 200,000 organizations with respect to their cybersecurity. [7]

Contents

History

BitSight was founded in 2011 by Nagarjuna Venna and Stephen Boyer and currently has both United States-based and international employees. [1] [2] In 2016, BitSight raised US$40 million in funding in the month of September. [1]

In 2014, BitSight acquired AnubisNetworks, a Portugal-based cybersecurity firm that tracks real-time data threats. [8] [9]

By September 2016, BitSight had raised $40 million in a Series C round led by GGV Capital, with participation from Flybridge Capital Partners, Globespan Capital Partners, Menlo Ventures, Shaun McConnon, and the VC divisions of Comcast Ventures, Liberty Global Ventures, and Singtel Innov8. [10] [11] [12]

Shaun McConnon stepped down as the CEO of BitSight in July 2017 but remains the executive chairman of the board. [13] The CEO position was filled by Tom Turner in 2017, [13] and then by Stephen Harvey in 2020. [3]

In June 2018, BitSight closed $60 million in Series D funding, bringing the company's total funding to $155 million. [14] BitSight's Series D financing was led by Warburg Pincus, with participation from existing investors Menlo Ventures, GGV Capital and Singtel Innov8. [14] [15]

In 2018, the company was located in Cambridge but purchased property in order to shift to Back Bay, where BitSight is currently located. [2] Forbes has estimated BitSight's revenue as being $100 million as of 2018. [16]

In 2021, BitSight acquired VisibleRisk, a cyber risk assessment startup company and received a $250 million investment from Moody's Corporation. [17] [18]

In 2023, BitSight partnered with Schneider Electric to develop a new way to quantify operational technology risk. [19]

In 2024, Bitsight acquired Cybersixgill, a real-time cyber threat intelligence company. [20]

Services

Organizations purchase BitSight's services in order to understand "security risks associated with sharing sensitive data with business partners." [21] [22] [23] As of 2018, BitSight serves clients, including Lowe's, AIG, and Safeway. [24] [16] [25]

BitSight assembles models that produce company ratings, which are based on a scale that enables insurers to rule on the ability of businesses to receive coverage. [26] It produces ratings for 200,000 organizations as of 2020. [7]

With respect to its services, Amy Feldman of Forbes wrote that "Customers pay on a subscription basis with annual fees ranging from a few thousand dollars to analyze a single company to more than $1 million to review thousands of suppliers." [27] Similar to a credit score, BitSight's ratings range from 250 to 900. [28]

Related Research Articles

Kleiner Perkins, formerly Kleiner Perkins Caufield & Byers (KPCB), is an American venture capital firm which specializes in investing in incubation, early stage and growth companies. Since its founding in 1972, the firm has backed entrepreneurs in over 900 ventures, including America Online, Amazon.com, Tandem Computers, Compaq, Electronic Arts, JD.com, Square, Genentech, Google, Netscape, Sun Microsystems, Nest, Palo Alto Networks, Synack, Snap, AppDynamics, and Twitter. By 2019 it had raised around $9 billion in 19 venture capital funds and four growth funds.

<span class="mw-page-title-main">Trend Micro</span> Japanese multinational cyber security company

Trend Micro Inc. is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, and cloud computing environments, networks, and end points. Its cloud and virtualization security products provide automated security for customers of VMware, Amazon AWS, Microsoft Azure, and Google Cloud Platform.

<span class="mw-page-title-main">UST (company)</span> American technology company

UST, formerly known as UST Global, is a provider of digital technology and transformation, information technology and services, headquartered in Aliso Viejo, California, United States. Stephen Ross founded UST in 1998 in Laguna Hills. The company has offices in the Americas, EMEA, APAC, and India.

Khosla Ventures is a private American venture capital firm based in Menlo Park, California. It was founded by entrepreneur Vinod Khosla in 2004.

GGV Capital was an American venture capital firm. The firm was established in 2000 and was headquartered in Menlo Park, California. Formerly known as Granite Global Ventures, the firm had become one of the most active American investors in the Chinese artificial intelligence industry.

<span class="mw-page-title-main">Institutional Venture Partners</span> American investment firm

Institutional Venture Partners (IVP) is a US-based venture capital investment firm focusing on fast-growing technology companies. IVP was founded in 1980, making it one of the first venture capital firms in Silicon Valley.

<span class="mw-page-title-main">Jerusalem Venture Partners</span> International venture capital firm

Jerusalem Venture Partners (JVP) is an international venture capital firm founded in 1993. The fund specializes in investments in startup companies, focusing on digital media, enterprise software, semiconductors, data storage and cyber security, having raised close to $1.4 billion USD across nine funds. JVP is headquartered in Margalit Startup City Jerusalem with offices in Be'er Sheva, New York City and Paris.

<span class="mw-page-title-main">Sqrrl</span> Cyber security company

Sqrrl Data, Inc. is an American company founded in 2012 that markets software for big data analytics and cyber security. The company has roots in the United States Intelligence Community and National Security Agency. Sqrrl was involved in the creation of, and actively contributes to Apache Accumulo and other related Apache projects. Sqrrl’s primary product is its threat hunting platform, designed for active detection of advanced persistent threats.

<span class="mw-page-title-main">Dmitri Alperovitch</span> American computer security industry executive (born 1980)

Dmitri Alperovitch is an American think-tank founder, author, philanthropist, podcast host and former computer security industry executive. He is the chairman of Silverado Policy Accelerator, a geopolitics think-tank in Washington, D.C., and a co-founder and former chief technology officer of CrowdStrike. Alperovitch is a naturalized U.S. citizen born in Russia who came to the United States in 1994 with his family.

<span class="mw-page-title-main">Comcast Ventures</span> American venture capital firm

Comcast Ventures is a corporate venture capital firm headquartered in New York, NY.

GE Ventures was the venture capital subsidiary of General Electric. Headquartered in Menlo Park, California the firm also has offices in Boston, Chicago, Houston, Shanghai, and Tel Aviv. As of 2015, the CEO is Sue Siegel, and on October 23, 2017, she was also named chief innovation officer. GE Ventures plans to invest up to $150 million annually in startups in the healthcare, energy, software, and advanced manufacturing sectors.

<span class="mw-page-title-main">Illusive Networks</span>

Illusive Networks is a cybersecurity firm headquartered in Tel Aviv, Israel and New York. The company produces technology that stops cyber attackers from moving laterally inside networks by finding and eliminating errant credentials and connections, planting deceptive information about given network's resources, emulating devices, and deploying high interactivity decoys. Network administrators are alerted when cyber attackers use security deceptions in an attempt to exploit the network. Illusive Networks is the first company launched by the Tel Aviv-based incubator, Team8. In June 2015, Illusive Networks received $5 million in Series A funding from Team8. To date, it has raised over $54M.

Sierra Ventures is an American venture capital firm based in San Mateo, California. It targets startups in sectors including enterprise tech, artificial intelligence, cybersecurity and healthcare.

<span class="mw-page-title-main">Mach 37</span> American venture capital organization assisting startups

MACH37 is an American startup accelerator that was established in 2013 as a division of the Virginia-based Center for Innovative Technology (CIT) with funding from the Commonwealth of Virginia. In 2017 CIT partnered with VentureScope, a strategic innovation consultancy and venture firm, to revamp MACH37's operating model and curriculum. Following a successful partnership between CIT and VentureScope, MACH37 became fully owned and operated by VentureScope in 2020. MACH37 focuses primarily on honing and strengthening startups' product-market fit through extensive customer discovery and market research, expanding emerging companies' professional networks, fostering founder wellbeing, and providing emerging companies in the cybersecurity industry with access to investment capital and an immediate customer base. In an October 2020 article Forbes named MACH37 'the Granddaddy' of top cyber accelerators giving a nod to the fact that MACH37 was one of the first accelerators in the world dedicated to cyber and cyber adjacent technologies, and it has lasted far longer than many of its peer accelerators while strengthening over time. The name 'MACH37' is a reference to the escape velocity of Earth's atmosphere. VentureScope applies Lean Startup methodology at MACH37 as an efficient and successful approach to assist startups to rapidly adapt their search for a successful business model and test their hypotheses about customer needs and market demands.

ZeroFox Holdings, Inc. is an external cybersecurity company based in Baltimore, Maryland. It provides cloud-based software as a service (SaaS) for organizations to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target brands, domains, people, and assets.

Almaz Capital is a global VC fund headquartered in Portola Valley, California, United States investing in early stage, capital efficient technology companies in high-growth sectors. Almaz Capital focuses on disruptive deep tech companies in b2b software space, including AI/ML and Blockchain applications, IoT and Edge Computing Enablers, Cybersecurity, etc. Since its foundation the firm's portfolio has included about 50 companies, with more than 300 million US dollars invested in them.

Security ratings are an objective, data-driven, quantifiable measurement of an organization's overall cybersecurity performance. Security ratings provide businesses and government agencies with a third-party, independent view into the security behaviors and practices of their own organization as well as that of their business partners. Security ratings are a useful tool in evaluating cyber risk and facilitating collaborative, risk-based conversations.

Tenable, Inc. is a cybersecurity company based in Columbia, Maryland. Its vulnerability scanner software Nessus, developed in 1998, is one of the most widely deployed vulnerability assessment solutions in the cybersecurity industry. As of December 31, 2023, the company had approximately 44,000 customers, including 65% of the Fortune 500.

<span class="mw-page-title-main">Wiz (company)</span> Cloud computing security startup

Wiz, Inc. is an American cloud security startup headquartered in New York City. The company was founded in January 2020 by Assaf Rappaport, Yinon Costica, Roy Reznik, and Ami Luttwak, all of whom previously founded Adallom. Rappaport is CEO, Costica is VP of Product, Reznik is VP of Engineering, and Luttwak is CTO. The company's platform analyzes computing infrastructure hosted in Amazon Web Services, Microsoft Azure, Google Cloud Platform, Oracle Cloud Infrastructure, and Kubernetes for combinations of risk factors that could allow malicious actors to gain control of cloud resources and/or exfiltrate valuable data.

The Israeli cybersecurity industry is a rapidly growing sector within Israel's technology and innovation ecosystem. Israel is internationally recognized as a powerhouse in the cybersecurity domain, with numerous cybersecurity startups, established companies, research institutions, and government initiatives. Tel Aviv itself is being ranked 7th in annual list of best global tech ecosystems, as reported by the Jerusalem Post.

References

  1. 1 2 3 4 O'Brien, Kelly J. (16 May 2018). "BitSight to double HQ size in move from Cambridge to Boston". Boston Business Journal . Retrieved 10 October 2018.
  2. 1 2 3 4 Jon Chesto (17 May 2018). "Investors dump GE shares". The Boston Globe . Retrieved 11 October 2018. Cybersecurity ratings firm BitSight is setting its sights on a move to the Back Bay, to a space that is roughly double the size of its existing headquarters in Cambridge. The venture capital-backed firm has leased 48,000 square feet across two floors in the Prudential Center, at the 111 Huntington Ave. tower owned by Boston Properties. BitSight currently employs about 145 people in Cambridge, but will likely have 170 by January and another 30-plus by the end of next year after it moves to Boston.
  3. 1 2 "BitSight Appoints Stephen Harvey as Chief Executive Officer". PR Newswire . 7 January 2020. Retrieved 15 February 2020.
  4. Romo, Vanessa (30 March 2018). "As Atlanta Seeks To Restore Services, Ransomware Attacks Are On The Rise". NPR . Retrieved 10 October 2018. Data compiled by BitSight, a cybersecurity ratings company, is even more staggering. A 2016 report analyzing government, health care, finance, retail, education and utilities concluded that education institutions are most likely to be on the receiving end of a ransomware attack.
  5. Clarke, Richard (13 June 2017). "Why is it so easy for hackers to infiltrate - our mistakes". Quartz . Retrieved 11 October 2018. BitSight, a Boston firm that ranks companies for their level of cybersecurity, compared five industries: health care, finance, retail, utilities, and federal agencies.
  6. Lunden, Ingrid (10 July 2018). "BitSight, a provider of security ratings, raises $60M at a valuation of around $600M". TechCrunch . Retrieved 11 October 2018. . Typical customers include large to mid-sized organizations, and while BitSight doesn't provide specific names it says the list includes seven of the top 10 cyber insurers, 20 percent of Fortune 500 companies, and three of the top five investment banks, an impressive list. Others that use these ratings are cyber insurance companies, when devising what kind of rates to charge customers, and also to monitor those customers after they are insured. And they are also used by companies, Turner says, to assess acquisition targets when a company is going through due diligence; or before making investments.
  7. 1 2 Whitney, Lance (21 January 2020). "Windows 7 remains an albatross at many large organizations". TechRepublic . CBS Interactive . Retrieved 24 January 2020.
  8. Reader, Ruth (21 October 2014). "Security ratings company BitSight acquires threat analytics service". VentureBeat . Retrieved 11 October 2018. Security ratings company BitSight Technologies just picked up a small Portugal-based threat intelligence company called AnubisNetworks.
  9. Castellanos, Sara (23 October 2014). "BitSight Technologies acquires cybersecurity firm AnubisNetworks". Boston Business Journal . Retrieved 10 October 2018. Cambridge-based BitSight Technologies, which rates businesses on their cyber security performance, has acquired Portugal firm AnubisNetworks, which tracks real-time data threats.
  10. Zakrzewski, Cat (15 September 2016). "Cybersecurity Ratings Startup BitSight Raises $40M". The Wall Street Journal . Retrieved 10 October 2018. BitSight Technologies Inc. has raised $40 million to provide security ratings. GGV Capital led the Series C round, with participation from existing investors Flybridge Capital Partners, Globespan Capital Partners, Menlo Ventures and the company's chief executive, Shaun McConnon. The venture arms of Comcast Ventures, Liberty Global Ventures and Signtel Innov8 also participated.
  11. Woodward, Curt (15 September 2016). "BitSight raises $40M to expand IT security ratings software". The Boston Globe . Retrieved 10 October 2018. Investors are pouring another $40 million into BitSight Technologies Inc., a Cambridge startup that analyzes Internet traffic to generate the equivalent of a credit score for a company's risk of cybersecurity attacks.
  12. Kuchler, Hannah (8 January 2017). "Insurers tap cyber security ratings to limit liabilities". Financial Times. Bitsight recently announced a fundraising of $40m, led by GGV Capital, as it expands to cater for insurers' desire to know more about the security weaknesses of their potential — and existing — customers.
  13. 1 2 O'Brien, Kelly J. (30 July 2017). "Longtime cybersecurity exec to step down as BitSight CEO". Boston Business Journal . Retrieved 11 October 2018. He's adamant that he's not retiring, but after leading three Massachusetts cybersecurity companies to $1 billion worth of total exit value and a fourth to the verge of an IPO, Shaun McConnon is done being a CEO at his latest company. McConnon will step down as CEO of Cambridge-based cybersecurity ratings company BitSight Technologies Inc. on July 1, but will stay on as the executive chairman of BitSight's board. BitSight's chief operating officer Tom Turner will take over as top executive.
  14. 1 2 Lunden, Ingrid (10 July 2018). "BitSight, a provider of security ratings, raises $60M at a valuation of around $600M". TechCrunch . Retrieved 10 October 2018. BitSight, which provides an ongoing, changing "risk security posture" of some 1,200 organizations, has raised $60 million in a Series D round led by Warburg Pincus, funding that it will use to expand its risk management solutions — specifically in areas like analytics — and overall business development. This brings the total raised by BitSight to $155 million. Tom Turner, BitSight's CEO, said the company was not disclosing its valuation with this round, but he hinted that it was ten times more than the company's valuation at its Series A. That round, according to figures from PitchBook, was at $60 million post-money, meaning that the company is now valued at around $600 million. Others in this round include Menlo Ventures, GGV Capital and Singtel Innov8, all previous investors.
  15. Jim Finkle, Bill Rigby (15 September 2016). "Cyber-ratings firm BitSight raises $40 million, GGV Capital leads round". Reuters . Retrieved 11 October 2018. BitSight Technologies, a firm that sells cyber security ratings on businesses to insurers, said on Thursday that it has closed $40 million in series C funding, in a round led by GGV Capital. Previous investors that joined the round include Flybridge Capital Partners, Globespan Capital Partners, Menlo Ventures and Shaun McConnon.
  16. 1 2 Feldman, Amy (14 December 2016). "Meet The 72-Year-Old 'Whiz Kid' Behind Cybersecurity Startup BitSight". Forbes . Retrieved 11 October 2018. FORBES estimates BitSight's revenues will reach $50 million in 2017 and $100 million in 2018, when McConnon hopes to take the company public. He expects it to be profitable by 2019.
  17. Novinson, Michael (2021-09-13). "BitSight Buys Startup VisibleRisk, Gets $250M From Moody's". CRN. Retrieved 2023-11-15.
  18. "Moody's to invest $250 million in BitSight and create a 'cybersecurity risk platform'". ZDNET. Retrieved 2023-11-13.
  19. "BitSight, Schneider Electric partner to quantify OT risk | TechTarget". Security. Retrieved 2023-11-15.
  20. "Bitsight Completes Acquisition of Cyber Threat Intelligence Leader, Cybersixgill | Cybersixgill". Security. Retrieved 2024-12-20.
  21. Sawers, Paul (15 September 2016). "BitSight raises $40 million to help companies rate partner firms' cybersecurity credentials". VentureBeat . Retrieved 11 October 2018. Founded in 2011, BitSight offers a platform that helps companies mitigate security risks associated with sharing sensitive data with business partners.
  22. Schoenberg, Carter (16 January 2018). "Cyber insurance in the 2018 regulatory landscape". CSO . Retrieved 11 October 2018. Some firms have tools for existing clients or potential clients to measure how good of a risk they are. Some firms are using BitSight or similar technologies.
  23. Olcott, Jacob (12 February 2015). "Q&A: BitSight Technologies' new VP of business development talks cybersecurity". Boston Business Journal . Retrieved 11 October 2018. This is Olcott's sixth week at BitSight Technologies, a four-year-old company that rates businesses on their cyber security performance — which has proven to be an essential service for organizations looking for third-party vendors they can trust.
  24. Yakowicz, Will (19 September 2017). "In an Era of Major Hacks, Cyber Insurance May Be the Industry's Riskiest Bet Yet". Inc. Retrieved 11 October 2018. But that long history of data on past catastrophes does not exist in the cyber insurance policy world, says Stephen Boyer, the CTO and co-founder of risk-rating company BitSight, a company that assesses company risk for cyber policies written by AIG, Travelers, and others.
  25. Woodward, Curt (15 September 2016). "BitSight raises $40M to expand IT security ratings software". The Boston Globe. Retrieved 11 October 2018. BitSight customers, which include Lowe's, Ferrari, and The Hartford, use the startup's security ratings when they're deciding whether to do business with another company  buying its products, making an acquisition offer, or writing an insurance contract, Turner said.
  26. Kuchler, Hannah (8 January 2017). "Insurers tap cyber security ratings to limit liabilities". Financial Times. Then, it creates a model that rates companies on a scale and insurers use the rating to decide if applicants get coverage.
  27. Feldman, Amy (14 December 2016). "Meet The 72-Year-Old 'Whiz Kid' Behind Cybersecurity Startup BitSight". Forbes . Retrieved 11 October 2018.
  28. Perlroth, Nicole (7 May 2017). "Hackers Find Celebrities' Weak Links in Their Vendor Chains". The New York Times . Retrieved 11 October 2018. BitSight uses a scoring system of 250 to 900, similar to a credit score. SecurityScorecard gives grades from A to F.